OSINT quiz 2020 walkthrough – Part 2
Yesterday I published a blog post about the first challenge of the OSINT quiz 2020. Since @OSINTdojo requires a second post to be written about an OSINT challenge that I have solved previously, I decided to show you how to solve some more challenges of the quiz.
If you haven’t already read the first part of my walkthrough, you can find it here. SPOILER ALERT! Below you will find solutions for the OSINT quiz 2020. If you would like to first give it a try yourself, don’t continue reading until you need a hint or did it yourself already.
So, here we go. Continuing from where we left last time, let’s try solving the second challenge of the quiz:
Question #2:
“Julia Bayer started the whole Quiztime geolocation movement back in 2017. She started out with the hashtag #MondayQuiz. But can you tell me what the last text was that she tweeted in 2017, while using the hashtag #MondayQuiz?”
Answer:
Just like the last time we are going to use some twitter dorks to solve this one:
Clicking on the link provided we find Julia Bayer’s twitter username is “bayer_julia”. Go to a twitter profile and search for:
from:bayer_julia #MondayQuiz until:2018-01-01
Now click the “Latest” tab. The top search result is your answer: Merry Christmas. Now let’s convert to lower case and remove spaces to find the final MD5 hash version:
If you haven’t already read the first part of my walkthrough, you can find it here. SPOILER ALERT! Below you will find solutions for the OSINT quiz 2020. If you would like to first give it a try yourself, don’t continue reading until you need a hint or did it yourself already.
So, here we go. Continuing from where we left last time, let’s try solving the second challenge of the quiz:
Question #2:
“Julia Bayer started the whole Quiztime geolocation movement back in 2017. She started out with the hashtag #MondayQuiz. But can you tell me what the last text was that she tweeted in 2017, while using the hashtag #MondayQuiz?”
Answer:
Just like the last time we are going to use some twitter dorks to solve this one:
Clicking on the link provided we find Julia Bayer’s twitter username is “bayer_julia”. Go to a twitter profile and search for:
from:bayer_julia #MondayQuiz until:2018-01-01
Now click the “Latest” tab. The top search result is your answer: Merry Christmas. Now let’s convert to lower case and remove spaces to find the final MD5 hash version:
Question #3:
“Quiztime crew member @twone2 posted an image on Instagram on November 24, 2018. In the URL you see the unique identifier of the post (called a 'shortcode' by Instagram), which consists of a bunch of lowercase and uppercase letters and numbers. But there is also an 'id', which can be found in the source or JSON output. This one only contains numbers. Can you find this number?”
Answer:
Clicking on the link provided, we see the owner’s twitter profile. Under his profile description we find a direct link to his Instagram profile! Let’s click it.
“Quiztime crew member @twone2 posted an image on Instagram on November 24, 2018. In the URL you see the unique identifier of the post (called a 'shortcode' by Instagram), which consists of a bunch of lowercase and uppercase letters and numbers. But there is also an 'id', which can be found in the source or JSON output. This one only contains numbers. Can you find this number?”
Answer:
Clicking on the link provided, we see the owner’s twitter profile. Under his profile description we find a direct link to his Instagram profile! Let’s click it.
If you have an Instagram account, you can proceed with the following steps, but if you don’t or just don’t want to use your own Instagram account, you can switch the “instagram.com” part of the url to “imginn.com”. And that will do the trick. Try it out! https://imginn.com/twoneplus/
Whenever you have doubt about something, try switching back reversing the above trick to find more details!
Now let’s find the image Tilman posted on November 24, 2018. After a little searching we find it!
Whenever you have doubt about something, try switching back reversing the above trick to find more details!
Now let’s find the image Tilman posted on November 24, 2018. After a little searching we find it!
You can find the link here: https://www.instagram.com/p/Bqj00zHAsgK/
Now let’s find the “id” of the picture. Right-click on the picture and click “View source code” (option name might differ according to your browser but its generally a close one to this). Now hit ctrl + f in your keyboard to search the page that opened. Search for “id=”. The second result reveals the id of the picture under this line:
meta property="al:ios:url" content="instagram://media?id=1919610192899786762"
Let’s drop this to MD5 hash calculator to find the next answer of the quiz:
Now let’s find the “id” of the picture. Right-click on the picture and click “View source code” (option name might differ according to your browser but its generally a close one to this). Now hit ctrl + f in your keyboard to search the page that opened. Search for “id=”. The second result reveals the id of the picture under this line:
meta property="al:ios:url" content="instagram://media?id=1919610192899786762"
Let’s drop this to MD5 hash calculator to find the next answer of the quiz:
The answer we receive via e-mail tells us another way:
“a clean JSON output can be viewed by adding the code "?__a=1" at the end of the URL”. So that’s another quick way to find what you are looking for!
Moving on to the last challenge we are gonna look into together.
Question #4:
“In September 2019 someone posted in an aviation forum a quote that explained how Christiaan Triebert has used shadows, that were cast by towers around a launch pad, as sun dials. What is the username of the account that posted this? When you found the name, make sure it's all in lower case, calculate the MD5 hash and send it in.”
Answer:
Ok this challenge is extremely easy to find. Just make a google search query of:
Christiaan Triebert aviation forum
and in the first results you will get a link to https://www.airliners.net/forum/viewtopic.php?t=1430561. There you will find a user saying what you are looking for:
Moving on to the last challenge we are gonna look into together.
Question #4:
“In September 2019 someone posted in an aviation forum a quote that explained how Christiaan Triebert has used shadows, that were cast by towers around a launch pad, as sun dials. What is the username of the account that posted this? When you found the name, make sure it's all in lower case, calculate the MD5 hash and send it in.”
Answer:
Ok this challenge is extremely easy to find. Just make a google search query of:
Christiaan Triebert aviation forum
and in the first results you will get a link to https://www.airliners.net/forum/viewtopic.php?t=1430561. There you will find a user saying what you are looking for:
Just copy-paste his username in the MD5 hash calculator again and you have your answer!
So that’s all everyone! I won’t go deeper into the next challenges because I want you to find everything else yourself. Experiment while trying to solve the rest of the challenges. Don’t get disappointed and always stay curious!
Until next time, stay healthy!
Do you have a question/comment regarding this methodology? Please e-mail me at theinspector32@protonmail.com,or send me a message on twitter.
Until next time, stay healthy!
Do you have a question/comment regarding this methodology? Please e-mail me at theinspector32@protonmail.com,or send me a message on twitter.
Comments
Post a Comment